Meltdown Malware Patch That Opens Other Holes Fixed on Win7

[FrgMstr]

Microsoft just issued a March 2018 patch for the January 2018 patch that was directed at fixing a Meltdown malware attack vector according to Bleeping Computer. The January patch specific to Windows 7 and Windows Server 2008 R2. That patch allowed access permission for kernel memory. Make sure if you still use those operating systems that you have both of these patches installed.


This issue affected only 64-bit versions of Windows 7 and Windows Server 2008 R2, Frisk said. We say affected because Microsoft patched the bug by flipping the PML4 permission bit back to its original value in this month's Patch Tuesday.

 

[katanaD]

what has really stood out to me about the whole metldown/spectre thing is just how bad patching can be. Companies falling over themselves to patch in an effort more to retain a good PR then to fix an issue, and in doing so, really made a BIGGER mess of things then existed before.

 

[horskh]

Yo dawg, I heard you like patches...

 

[xrealm20]

I just wish they'd QA the damned patches.

 

[pclov3r]

And too add insult to injury Microsoft pulled the March 2018 roll up update due to being buggy so it seems you really shouldn't apply it until they fix it.

https://www.computerworld.com/artic...5-hopefully-as-a-precursor-to-yanking-it.html

 

[katanaD]

I just wish they'd QA the damned patches.

but they are... on our machines

;>)